Opened 11 years ago

Closed 11 years ago

#367 closed defect (fixed)

Security: GetFdoCachInfo exposes plain text passwords alongside user Ids

Reported by: stevedang Owned by: stevedang
Priority: medium Milestone: 2.0
Component: Server Version: 2.0.0
Severity: major Keywords:
Cc: External ID: 1010319

Description

Using the Web Tier test pages the GetFdoCachInfo? page exposes plain test passwords alongside their corresponding user id for database connections. For security reasons we should remove the password from the results.

Change History (2)

comment:1 Changed 11 years ago by stevedang

Status: newassigned

comment:2 Changed 11 years ago by stevedang

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.